Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content
Public statement

AG Communications Limited Public Statement

Published:
4 March 2025
Search or save this guide

Search this guide by:

  1. pressing Ctrl+f on your keyboard if you’re using a PC or ⌘+f if you’re using a Mac.
  2. typing the word or search term that you’re looking for.

Save a copy of this guide by:

  1. choose the 'save page' option in your browser
  2. save the HTML file in your chosen location.

You can also save this page as a PDF by:

  1. selecting the 'print this guide' button or use your browser print option
  2. in the print settings window, select 'Save as PDF'
  3. save the PDF file in your chosen location.

Our public statements make reference to breaches of the Licence Conditions and Codes of Practice (LCCP) requirements which were in effect at the time of the breach. In some cases, the requirements have since been updated.

Operators are expected to consider the issues outlined below and review their own practices to identify and implement improvements in respect of the management of customers’ accounts.

Introduction

Licensed gambling operators have a legal duty to ensure their gambling facilities are provided in compliance with the Gambling Act 2005 (opens in new tab)(the Act), the conditions of their licence and in accordance with the licensing objectives, which are to:

  • prevent gambling from being a source of crime or disorder, being associated with crime or disorder or being used to support crime
  • ensure that gambling is conducted in a fair, safe and open way
  • protect children and other vulnerable people from being harmed or exploited by gambling.

Operators are expected to consider the issues outlined below and review their own practices to identify and implement improvements in respect of the management of customers’ accounts.

AG Communications Limited Executive Summary

A regulatory review under section 116 of the Act was commenced following a Compliance Assessment of the remote Operating Licence of AG Communications Limited (licence number 039483-R-319409-017).

The review found failings in AG Communications Limited’s Anti-Money Laundering / Counter Terrorist Financing (AML/CTF) and Social Responsibility (SR) controls.

AG Communications Limited failed to comply with the following requirements of the Licence Conditions and Codes of Practice (the LCCP) between May 20231 and October 20242.

  • Paragraph 3 of Licence Condition (LC) 12.1.1 Anti-money laundering
  • Paragraphs 1, 4, 7,9 and 11 of Social Responsibility Code Provision (SRCP) 3.4.3 relating to remote customer interaction.
  • SRCP 3.9.1 (1) – Identification of Individual Customers – (Remote)
  • LC 4.2.1 (1) – Disclosure to Customers
  • LC 15.2.1 (15) – Reporting Key Events
  • SRCP 4.2.6 (1) – Display of Rules
  • SRCP 3.5.3 (1) - Self-exclusion – remote SR code

In line with our Statement of Principles for Licensing and Regulation, AG Communications Limited will make a payment in lieu of a financial penalty of £1,407,834. Details of this are set out under the heading Regulatory Settlement.

AG Communications Limited Findings

A Commission compliance assessment identified failings, and a regulatory review was commenced. During the review the Licensee made an early Regulatory Settlement Proposal (RSP) in which it admitted:

Breach of Licence Condition 12.1.1 (3)

Licence Condition 12.1.1 requires:

"Licensees must ensure that such policies, procedures and controls are implemented effectively, kept under review, revised appropriately to ensure that they remain effective, and take into account any applicable learning or guidelines published by the Gambling Commission from time to time."

We found that, on occasion, AG Communications Limited did not ensure that its policies, procedures and controls were effectively implemented.

Specifically, AG Communications Limited’s failures included:

  • AML/CTF policies and procedures were too reliant on financial thresholds
  • when customer accounts that were reviewed hit a medium, medium/high or high ML risk score they were not subject to a manual Enhanced Customer Due Diligence (ECDD) check until a financial trigger was hit
  • when financial thresholds were reached there were delays in completing ECDD checks. One customer who reached the financial trigger did not have an ECDD review conducted until a week later
  • not following its policy regarding ECDD checks. One customer who reached a financial threshold but did not have a high AML risk score, did not have a manual ECDD review until eight days later. This was contrary to AG Communications Limited’s policy.

Failure to comply with paragraphs 1, 4, 7, 9 and 11 of SRCP 3.4.3

Compliance with a SRCP is a condition of the licence by virtue of section 82(1) of the Act.

SRCP 3.4.3 paragraph 1 requires:

"Licensees must implement effective customer interaction systems and processes in a way which minimises the risk of customers experiencing harms associated with gambling. These systems and processes must embed the three elements of customer interaction – identify, act and evaluate – and which reflect that customer interaction is an ongoing process as explained in the Commission’s guidance (see paragraph 2)."

We found that, on occasion, AG Communications Limited had not ensured that its policies, procedures and controls had been effectively implemented.

Specifically, AG Communication Limited’s failures included:

  • failed to fully and effectively implement its “Responsible Matrix Interactions Protocol” in that, when a customer is identified as “medium high-risk”, a telephone interaction should take place. Not all customers identified as “medium high-risk” received a timely interaction
  • a backstop daily loss limit figure, designed to protect customers from significant losses, was not working correctly for certain historical account holders due to a system error and allowed affected customers to play through the loss limit
  • 176 customers were identified as being affected by the daily loss limit error. These customers were able to deposit a combined total of £220,334 over the daily loss limit.

SRCP 3.4.3 paragraph 4 requires:

"Licensees must have in place effective systems and processes to monitor customer activity to identify harm or potential harm associated with gambling, from the point when an account is opened"

We found AG Communications Limited:

  • did not have effective systems in place to prevent customers spending significant amounts of money in a short period of time before an assessment was made as to whether the customer was potentially at risk of gambling related harm. This raised concern that velocity spend was not being identified or acted upon quickly enough.
  • one customer was able to deposit and lose circa £7,000 in just over four hours in the early hours. This player was able to play through the backstop in place at that time, due to a system error which failed to prevent the customer from depositing above the backstop limit
  • a manual review of the customer did not identify the fact they had played through the backstop trigger.

SRCP 3.4.3 paragraph 7 requires:

"A Licensee’s systems and processes for customer interaction must flag indicators of risk of harm in a timely manner for manual intervention, and feed into automated processes as required by paragraph 11" (see below).

• the Licensee used automated financial trigger thresholds as a potential indicator of harm, but these were calculated in Euro currency only. This meant players who deposited in other currencies such as Sterling were not always identified in a timely manner for a manual interaction.

SRCP 3.4.3 paragraph 9 requires:

"Licensees must tailor the type of action they take based on the number and level of indicators of harm exhibited. This must include, but not be limited to, systems and processes which deliver:

  • a. tailored action at lower levels of indicators of harm which seek to minimise future harm
  • b. Increasing action where earlier stages have not had the impact required
  • c. strong or stronger action as the immediate next step in cases where that is appropriate, rather than increasing action gradually
  • d. reducing or preventing marketing or the take-up of new bonus offers where appropriate
  • e. ending the business relationship where necessary."

AG Communications Limited’s failures included:

  • not tailoring the type of action, it took based on the number and level of indicators of harm. There was evidence of customers being sent multiple emails, but this did not affect the customers’behaviour in relation to spend and/or nighttime play. The behaviour of customers did not change as a result of being sent multiple emails, but the operator did not increase its action in ways that we would have expected
  • a customer who was exhibiting potential indicators of harm - playing sessions above three hours, losses of circa £4,500 and staking circa £35,000 in two weeks - was sent two generic Safer Gambling (SG) interaction emails. Although a SG call was made to the customer, the record of this conversation showed it consisted of closed questions and did not address the playing session length, the losses or staking levels
  • a customer who had previously self-excluded sent a bank statement to the Licensee for proof of address, showing a balance of £75. Multiple financial triggers were hit, and the customer was assessed as high-risk yet was sent SG interaction (pop-ups) which were tailored towards lower levels of risk
  • AG Communications Limited failed to keep a detailed record of interactions it conducted with a customer identified as high-risk. An on-line chat did take place, but it consisted of closed questions. The customer was able to raise their monthly loss limit from £1,000 to £4,000 with no justification recorded. The Commission would expect the Licensee to conduct meaningful interactions and record in detail the rational for any action.
  • one customer was sent three emails during the duration of their account, but the emails did not affect the behaviour of the customer with velocity of play continuing to increase, along with night time play and multiple failed deposits.
  • AG Communications Limited failed to conduct a SG interaction despite a customer losing circa £6,000 in 48 hours. This customer was a student. It is acknowledged that a telephone interaction was attempted but only when the daily loss limit of £5,000 in 24 hours was reached.

SRCP 3.4.3 paragraph 11 requires:

"Licensees must ensure that strong indicators of harm, as defined within the licensee’s process, are acted on in a timely manner by implementing automated processes. Where such auto mated processes are applied, the licensee must manually review their operation in each individual customer’s case and the licensee must allow the customer the opportunity to contest any automated decision which affects them."

  • AG Communications Limited’s automated process failed a customer who was identified as high-risk, and the manual process was not undertaken until the following day. This meant that despite there being evidence of strong indicators of harm being present, they were not acted on in a timely manner.

Failure to comply with Social Responsibility Code Provision 3.9.1 (1) Identification of individual Customers – (Remote) requires:

"Licensees must have and put into effect policies and procedures designed to identify separate accounts which are held by the same individual."

  • one customer was able to open a significant number of gambling accounts despite the fact they had previously self-excluded. Another customer, who had previously had an account closed due to suspicious activity, was able to open an account.

Breach of Licence Condition 4.2.1 (1) - Disclosure to customers requires:

"Licensees who hold customer funds must set out clearly in the terms and conditions under which they provide facilities for gambling information about whether customer funds are protected in the event of insolvency, the level of such protection and the method by which this is achieved."

Failures included:

  • AG Communications Limited’s terms and conditions on the white label site Neptuneplay.com website did not inform customers of the level of protection of funds that the Licensee provided, as detailed in the Commission’s guidance.

Breach of Licence Condition 15.2.1 (15) – Reporting key events requires:

"A key event is an event that could have a significant impact on the nature or structure of a licensee’s business. Licensees must notify the Commission, in such form or manner as the Commission may from time to time specify, of the occurrence of specific key events as soon as reasonably practicable and in any event within five working days of the licensee becoming aware of the events occurrence."

Paragraph 15 details one such event namely:

"The making of a disclosure pursuant to section 330, 331, 332, or 338 of the Proceeds of Crime Act 2002 or section 19, 20, 21, 21ZA, 21ZB or 21A of the Terrorism Act 3000 (a Suspicious Activity Report)(“SAR”): the licensee should inform the Commission of the unique reference number issued by the United Kingdom Financial Intelligence Unit of the National Crime Agency in respect of each disclosure and for the purposes of this key event the five working day period referred to above runs from the licensee’s receipt of the unique reference number. The licensee should also indicate whether the customer relationship has been discontinued at the time of the submission."

Failures included:

  • AG Communications Limited failed to notify the Commission - as soon as reasonably practicable and in any event within five working days of the submission - of SARs. Instead, it submitted key event notices in batches over a period of several months at a time

Failure to comply with SRCP 4.2.6 (1) – Display of Rules – betting requires:

"Licensees must set out within the full rules that they make available, the core elements for the acceptance and settlement of bets. These rules must cover:

  • a. the circumstances under which the operator will void a bet;

  • b. treatment of errors, late bets and related contingencies;

  • c. availability of odds for any ante-post, early show or starting price betting, and treatment of place, forecast bets etc;

  • d. treatment of withdrawals, non-runners, and reformed markets;

  • e. maximum payout limiting liability for a specific betting product or generally;

  • f. any changes made to customers for the use of betting services or products, and how these are calculated (including deductions from winnings for commission, or in respect of withdrawn horses etc);

  • g. means or medium by which the outcome of an event will be determined;

  • h. the rules for the event itself to be specified (eg horserace bets only to be accepted; where the racing is subject to British Horseracing Authority rules);

  • i. where bets are accepted on ‘pari-mutuel’ terms and

  • j. any special arrangements for settling bets on ‘coupled’ horses."

  • the Commission found the link to AG Communications Limited’s betting rules by sport for customers, was not working on the Neptuneplay.com website.

Failure to comply with SRCP 3.5.3 (1) – Self-exclusion – remote SR code

"Licensees must have put into effect procedures for self-exclusion and take all reasonable steps to refuse service or to otherwise prevent an individual who has entered a self-exclusion agreement from participating in gambling."

The Licensee acknowledged that its system for preventing self-excluded customers from gambling was not as robust as it should have been, and it was in breach of SRCP 3.5.3(1).

  • one customer was able to bypass the Licensee’s account matching mechanism by using different variations of their first name, surname, email address, and postal address. This allowed them to circumvent the self-exclusion system, which should detect duplicate accounts and prevent self-excluded players from creating new accounts across the network. This self-excluded customer was able to register in excess of 100 accounts with the Licensee and went on to deposit circa £30,000 and lost circa £19,000 over a 21-month period.

AG Communications Limited Regulatory Settlement

This regulatory settlement consists of:

  • a payment of £1,407,834 in lieu of a financial penalty, which includes a divestment of £220,334. The money will be directed to socially responsible purposes
  • agreement to the publication of a statement of facts in relation to this case
  • payment towards the Commission’s costs of investigating the case.

In considering an appropriate resolution to this investigation, the Commission has had regard to the following aggravating and mitigating factors:

Aggravating factors

  • the failings were serious and potentially impacted on the licensing objectives
  • in May 2023, AG Communications Limited was subject of a Compliance Assessment, where failings were identified. A further Compliance Assessment was carried out in December 2023, a number of failings were identified, some of these being the same as those identified in the May 2023 assessment
  • the Licensee has been subject of a previous operating licence review
  • the breaches arose in circumstances that were similar to previous cases the Commission has dealt with which resulted in the publication of lessons learned for the wider industry.

Mitigating factors

AG Communications Limited:

  • put in place an action plan designed to remedy the failings and mitigate risk to customers following the December 2023 Assessment
  • fully co-operated with the investigation and provided regular updates
  • accepted the failings at an early stage in the investigation
  • voluntarily agreed a third-party audit to ensure compliance with AML and Safer Gambling and to improve internal training.

Good practice

Gambling operators should take account of the failings identified in this investigation to ensure industry learning. Operators should consider the following questions and take remedial action where required:

  • do you have effective processes in place to test and assess whether your policies, procedures and controls are being effectively implemented by staff? Is this recorded and demonstrable?
  • do you have set turnaround times for manual reviews, actions, processes, etc? Are these routinely met?
  • have staff received adequate initial and refresher training? Is this recorded and demonstrable?
  • do you have an effective method to disseminate feedback, good practice and lessons learned to your staff?
  • do you fully investigate accounts and mitigate risks when links are identified?
  • are you fully scrutinising all customer information available to you in a timely manner, properly assessing and taking steps to mitigating potential ML/TF and SR risks?
  • do you have an adequate system for cross-departmental sharing of information and concerns? For example, would your Fraud/AML agents alert your social responsibility agents if a bank statement showing financial vulnerability was received?
  • do you act quickly enough when customers display potential markers of harm? Do your procedures specify appropriate timescales for actions and interactions?
  • if you deviate from your policies and procedures, are you able to justify this and do you fully document those decisions and the rationale?

Notes

1 With the exception of SRCP 3.5.3 (1) which commenced in October 2022 and concluded in May 2024

2 The other breaches commenced on dates between May 2023 and November 2023 and concluded between December 2023 and October 2024

Is this page useful?
Back to top